Oracle

Application Express

47 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2020-2973

  • EPSS 0.19%
  • Veröffentlicht 15.07.2020 18:15:38
  • Zuletzt bearbeitet 21.11.2024 05:26:45

Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having SQL Workshop privilege with network access ...

5.4

CVE-2020-2974

  • EPSS 0.19%
  • Veröffentlicht 15.07.2020 18:15:38
  • Zuletzt bearbeitet 21.11.2024 05:26:45

Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having SQL Workshop privilege with network access ...

5.4

CVE-2020-2975

  • EPSS 0.19%
  • Veröffentlicht 15.07.2020 18:15:38
  • Zuletzt bearbeitet 21.11.2024 05:26:45

Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having SQL Workshop privilege with network access ...

5.4

CVE-2020-2976

  • EPSS 0.19%
  • Veröffentlicht 15.07.2020 18:15:38
  • Zuletzt bearbeitet 21.11.2024 05:26:46

Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having SQL Workshop privilege with network access ...

4.9

CVE-2020-2977

  • EPSS 0.19%
  • Veröffentlicht 15.07.2020 18:15:38
  • Zuletzt bearbeitet 21.11.2024 05:26:46

Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network a...

5.4

CVE-2020-2513

  • EPSS 0.28%
  • Veröffentlicht 15.07.2020 18:15:37
  • Zuletzt bearbeitet 21.11.2024 05:25:24

Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having SQL Workshop privilege with network access ...

6.1

CVE-2020-11023

Warnung Exploit
  • EPSS 21.32%
  • Veröffentlicht 29.04.2020 21:15:11
  • Zuletzt bearbeitet 24.01.2025 02:00:02

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may ex...

4.9

CVE-2020-2514

  • EPSS 0.42%
  • Veröffentlicht 15.04.2020 14:15:21
  • Zuletzt bearbeitet 21.11.2024 05:25:24

Vulnerability in the Oracle Application Express component of Oracle Database Server. The supported version that is affected is Prior to 19.2. Easily exploitable vulnerability allows low privileged attacker having End User Role privilege with network ...

6.1

CVE-2020-9281

  • EPSS 0.77%
  • Veröffentlicht 07.03.2020 01:15:15
  • Zuletzt bearbeitet 21.11.2024 05:40:20

A cross-site scripting (XSS) vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment (with the cke_protected syntax).

6.1

CVE-2019-10219

  • EPSS 1.67%
  • Veröffentlicht 08.11.2019 15:15:11
  • Zuletzt bearbeitet 07.07.2025 14:15:21

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.